06f798c52fd70ba68aa0f76e8909fe8f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

06f798c52fd70ba68aa0f76e8909fe8f_JaffaCakes118
Size

508KB
MD5

06f798c52fd70ba68aa0f76e8909fe8f
SHA1

13952f2db8e2b457035978a9a6777d81a79010b7
SHA256

20f34f5657462ce119d95847d3ce72e1edc155811e71ad5cacd6582bfc8f50fe
SHA512

e9ca4b22fe94446405e3013eff1f4b371e1ba70cf0a3db811d9f07f2ef77a2a5ddbf7fc151aa632dcf6586ba6d40e8119edfd7fd3b95a2b134bea3f608f6861d
SSDEEP

12288:VU08b1bf7LBNNch1CZiJMAeORwU1m1/K3s8iUx4gW:VU02jLBNah1CZiJNeGwU1a/KE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06f798c52fd70ba68aa0f76e8909fe8f_JaffaCakes118

Files

06f798c52fd70ba68aa0f76e8909fe8f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

56b47686e17fcc3a892c65198c03cf0a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
_except_handler3

kernel32

GetModuleHandleW
GetWindowsDirectoryW
GetModuleFileNameW
FreeLibrary
GetProcAddress
LoadLibraryW
TlsFree
InterlockedDecrement
TlsSetValue
InterlockedIncrement
TlsAlloc
TlsGetValue
CreateFileW
CloseHandle
FormatMessageW
GetLastError
GetFileAttributesW
lstrcpyW
TerminateThread
CreateThread
SetLastError
WriteFile
lstrlenA
GetSystemDefaultUILanguage
GetOEMCP
FreeResource
SizeofResource
LoadResource
FindResourceW

user32

EnableWindow
PostMessageW
WinHelpW
EndDialog
wsprintfA
SetDlgItemTextW
GetKeyboardLayout
InsertMenuW
wsprintfW
MsgWaitForMultipleObjects
SetWindowLongW
GetWindowLongW
LoadImageW
LoadIconW
GetDlgItem
GetClientRect
SendMessageW
DestroyIcon
SendDlgItemMessageW
LoadStringW
LoadStringA
DialogBoxParamW
GetSystemMetrics
PeekMessageW

ole32

ReleaseStgMedium

shlwapi

StrToIntW
StrToIntA
ord219
PathAppendW
PathBuildRootW
StrCatW

shell32

DragQueryFileW
SHChangeNotifySuspendResume
SHChangeNotify
ord155
SHGetFileInfoW
ord182
SHParseDisplayName
ShellExecuteW

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj5
Size: 2KB - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj50
Size: 2KB - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj51
Size: 2KB - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj52
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj53
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj54
Size: 2KB - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj55
Size: 2KB - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fhj56
Size: 2KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fhj57
Size: 2KB - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj58
Size: 2KB - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fhj59
Size: 2KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1231
Size: 2KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JAKS
Size: 2KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.GAHS
Size: 2KB - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HAJS
Size: 2KB - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HnJS
Size: 2KB - Virtual size: 198B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SKALS
Size: 2KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SKAkS
Size: 2KB - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SfAkS
Size: 2KB - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.8AUqj
Size: 2KB - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.8AUq8
Size: 2KB - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JAHQK
Size: 2KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JAHSK
Size: 2KB - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JAHQJ
Size: 2KB - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56b47686e17fcc3a892c65198c03cf0a

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

ole32

shlwapi

shell32

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 3KB

.fhj5 Size: 2KB - Virtual size: 192B

.fhj50 Size: 2KB - Virtual size: 194B

.fhj51 Size: 2KB - Virtual size: 228B

.fhj52 Size: 212KB - Virtual size: 211KB

.fhj53 Size: 212KB - Virtual size: 211KB

.fhj54 Size: 2KB - Virtual size: 196B

.fhj55 Size: 2KB - Virtual size: 204B

.fhj56 Size: 2KB - Virtual size: 208B

.fhj57 Size: 2KB - Virtual size: 202B

.fhj58 Size: 2KB - Virtual size: 228B

.fhj59 Size: 2KB - Virtual size: 206B

.1231 Size: 2KB - Virtual size: 208B

.JAKS Size: 2KB - Virtual size: 208B

.GAHS Size: 2KB - Virtual size: 204B

.HAJS Size: 2KB - Virtual size: 588B

.HnJS Size: 2KB - Virtual size: 198B

.SKALS Size: 2KB - Virtual size: 208B

.SKAkS Size: 2KB - Virtual size: 216B

.SfAkS Size: 2KB - Virtual size: 236B

.8AUqj Size: 2KB - Virtual size: 202B

.8AUq8 Size: 2KB - Virtual size: 202B

.JAHQK Size: 2KB - Virtual size: 160B

.JAHSK Size: 2KB - Virtual size: 162B

.JAHQJ Size: 2KB - Virtual size: 126B

.rsrc Size: 18KB - Virtual size: 16KB

.reloc Size: 2KB - Virtual size: 324B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 3KB

.fhj5
Size: 2KB - Virtual size: 192B

.fhj50
Size: 2KB - Virtual size: 194B

.fhj51
Size: 2KB - Virtual size: 228B

.fhj52
Size: 212KB - Virtual size: 211KB

.fhj53
Size: 212KB - Virtual size: 211KB

.fhj54
Size: 2KB - Virtual size: 196B

.fhj55
Size: 2KB - Virtual size: 204B

.fhj56
Size: 2KB - Virtual size: 208B

.fhj57
Size: 2KB - Virtual size: 202B

.fhj58
Size: 2KB - Virtual size: 228B

.fhj59
Size: 2KB - Virtual size: 206B

.1231
Size: 2KB - Virtual size: 208B

.JAKS
Size: 2KB - Virtual size: 208B

.GAHS
Size: 2KB - Virtual size: 204B

.HAJS
Size: 2KB - Virtual size: 588B

.HnJS
Size: 2KB - Virtual size: 198B

.SKALS
Size: 2KB - Virtual size: 208B

.SKAkS
Size: 2KB - Virtual size: 216B

.SfAkS
Size: 2KB - Virtual size: 236B

.8AUqj
Size: 2KB - Virtual size: 202B

.8AUq8
Size: 2KB - Virtual size: 202B

.JAHQK
Size: 2KB - Virtual size: 160B

.JAHSK
Size: 2KB - Virtual size: 162B

.JAHQJ
Size: 2KB - Virtual size: 126B

.rsrc
Size: 18KB - Virtual size: 16KB

.reloc
Size: 2KB - Virtual size: 324B